diff --git a/ChangeLog b/ChangeLog index 0c18ff7bc..694cfc313 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Changes * pk_verify() now returns a specific error code when the signature is valid but shorter than the supplied length. * Use UTC time to check certificate validity. + * Reject certificates with times not in UTC, per RFC 5280. Security * Avoid potential timing leak in ecdsa_sign() by blinding modular division. diff --git a/library/x509.c b/library/x509.c index 54623a0d7..60e1cac81 100644 --- a/library/x509.c +++ b/library/x509.c @@ -274,7 +274,7 @@ int x509_get_time( unsigned char **p, const unsigned char *end, memcpy( date, *p, ( len < sizeof( date ) - 1 ) ? len : sizeof( date ) - 1 ); - if( sscanf( date, "%2d%2d%2d%2d%2d%2d", + if( sscanf( date, "%2d%2d%2d%2d%2d%2dZ", &time->year, &time->mon, &time->day, &time->hour, &time->min, &time->sec ) < 5 ) return( POLARSSL_ERR_X509_INVALID_DATE ); @@ -298,7 +298,7 @@ int x509_get_time( unsigned char **p, const unsigned char *end, memcpy( date, *p, ( len < sizeof( date ) - 1 ) ? len : sizeof( date ) - 1 ); - if( sscanf( date, "%4d%2d%2d%2d%2d%2d", + if( sscanf( date, "%4d%2d%2d%2d%2d%2dZ", &time->year, &time->mon, &time->day, &time->hour, &time->min, &time->sec ) < 5 ) return( POLARSSL_ERR_X509_INVALID_DATE );